Skype Acknowledges IM Privacy Flaw

Skype yesterday issued an apology for a bug that caused some users' chat messages to be redirected to other people in the user's contact list.

"It apparently is limited to those users whose Skype client crashes during an IM exchange," writes Threatpost's Anne Saita. "Once rebooted, or if the user logs back in as a new user, the last message drafted or sent before the crash is delivered -- but to a different contact."

"In other words, third-parties are seeing stuff they were never meant to see, which constitutes a serious breach of privacy," writes Engadget's Sharif Sakr.

"The privacy problem was first reported on a Skype support forum by a user who couldn't figure out why some of her contacts were receiving messages she had only authorized to be sent only to select other contacts," writes Ars Technica's Dan Goodin. "Other discussion participants soon chimed in to say they were experiencing the same thing."

"This is both embarrassing and frustrating for users who are seeing their personal messages shared unintentionally with random entries on their contact lists -- some of whom may be business contacts," writes Silicon Republic's Elaine Burke. "Most users affected appear to have only become aware of the issue when the person who received the messages in error let them know."

"The flaw exists on multiple platforms: builds for Windows, Linux, Mac OS X, Android, iOS and Windows Phone are vulnerable," writes The Register's John Leyden. "Users are urged to upgrade their software as soon as a patch becomes available."